I see that the vulnerability is in the way that MS implements the Remote Access Protocol, some form of the RDP protocol if my understanding is correct. My question is, besides RE'ing the fix when it is released, how does one go about building an exploit for this vulnerability? At first I thought just manipulating the packets themselves would be enough, but I have no idea how one would generate application-specific packets... I'm not trying to do so, but I am trying to understand the process.

That was actually posted back in August. I think you may be confusing this with the RDP bug 12-020.

Regardless, with any of these bulletins the process varies. Sometimes the bulletin will provide SOME detail or some vague idea of what was reported. More often than not, they hardly say anything specific.

In the case of protocol bugs, you would just need to know how the protocol works and begin fuzzing. RDP is very complex and getting 12-020 to be exploitable never hit a public exploit database. There are rumors that one is available though.

To generate application-specific packets, you can use tools like scapy. Scapy allows you to create any type of packet you want. Understanding how the protocol works would be critical though; otherwise your packets won't matter.